[e-lang] Microsoft's laws of identity
john.carlson3 at sbcglobal.net
Sun Jul 24 13:49:55 EDT 2005
I would be very careful using Java, because one can use aspect-oriented
programming to gain access from the calling program into almost any part
of the program. Thus you should pass all your capabilities into your
Java program, not try to hide some inside your Java program.
Andy Dwelly wrote:
> I'm currently involved in the architecture and design of a new
> application and for various reasons including my reading here, have
> decided to use Capability Security as the security model in that
> system (but not E alas, it's a conventional Java implementation). There
> are obviously limits to what can be achieved in terms of protecting
> users because apart from the choice of Java, it's frequently going to
> be running on top of a Windows OS.
> Anyway, this came to my attention today.
> http://www.identityblog.com/stories/2004/12/09/thelaws.html . Kim
> Cameron is the identity architect at MS so this could well represent
> the 'Official MS View' at some point in the future. I thought I'd
> mention it here and see if anyone had any comments....
> Andy Dwelly
> e-lang mailing list
> e-lang at mail.eros-os.org
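The point made in the reply above, as an added example that is not part of the original messages: a `private` field is not a boundary against the program that hosts the object, so a capability created and hidden inside a component is still reachable by its caller. The class names are hypothetical, and plain reflection stands in here for the aspect-oriented weaving the reply mentions.

```java
import java.lang.reflect.Field;

// Hypothetical capability: holding a reference is the only way to write to the log.
final class AuditLog {
    private final StringBuilder entries = new StringBuilder();
    void append(String line) { entries.append(line).append('\n'); }
    String dump() { return entries.toString(); }
}

// Pattern the reply warns about: the component creates the capability itself
// and relies on `private` to keep it away from the calling program.
final class HidingComponent {
    private final AuditLog log = new AuditLog();
    void doWork() { log.append("component: work done"); }
}

// Pattern the reply recommends: the caller decides which capability to grant
// and passes it in, so nothing inside the component is assumed to be secret.
final class InjectedComponent {
    private final AuditLog log;
    InjectedComponent(AuditLog log) { this.log = log; }
    void doWork() { log.append("component: work done"); }
}

public class CapabilityPlacement {
    // The host reaches the "hidden" capability without any cooperation
    // from HidingComponent (reflection used in place of an aspect weaver).
    static AuditLog extractHidden(HidingComponent c) throws ReflectiveOperationException {
        Field f = HidingComponent.class.getDeclaredField("log");
        f.setAccessible(true);
        return (AuditLog) f.get(c);
    }

    public static void main(String[] args) throws Exception {
        HidingComponent hiding = new HidingComponent();
        AuditLog leaked = extractHidden(hiding);
        leaked.append("host: wrote through the hidden capability");
        hiding.doWork();
        System.out.print(leaked.dump());   // both entries share the one log

        // With injection the host already holds the capability by design;
        // the component's authority is exactly what it was handed.
        AuditLog granted = new AuditLog();
        new InjectedComponent(granted).doWork();
        System.out.print(granted.dump());
    }
}
```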